How to avoid the 'SIM swapping' scams that are on the rise
ฝัง
- เผยแพร่เมื่อ 17 ม.ค. 2024
- Scammers are swapping out SIM cards without ever touching victims' phones and using them to steal information and money. We go through how to protect your information.
Reporter: Kristin Crowley, Video: Jason Crow
![ตัวอย่างภาพยนตร์ Venom: The Last Dance [Official - Sub Thai]](http://i.ytimg.com/vi/DHPjvAwmnRE/mqdefault.jpg)
In Germany you have to go to a store physically to demand your sim to be swapped and they will only do it if you bring your ID card to identify yourself
👍
In India, too.
Thats always been the case here in the USA but as been said , someone on the inside of the phone company is in on the scam.
bruh u cant compare a civilized nation like germany with a shithole third world country like Merica.
Theory all countries but there's a human factor here also.... in Poland I get eSim for my email just calling them and asking... Not even security questions ever asked xD Imagine... Just spoof my phone number, call from my iPhone from a Macbook nearby (bluetooth vulnerabilities), all different methods (they even don't know existing... or they probably even didn't care detecting that it's fake... (even spoofing from VOIP gate will do - that's trivial to detect - but often will pass)
Edit: if an attacker would try to swap your SIM via the hotline (not the physical store), they’d have to know first your Providers Account number and second the last digits of your bank card number. Then they can prompt for a SIM swap which needs to be authorized by a 6 digit code sent to your current phone number, which they don’t have access to unless you’d give them that code
NOTHING WILL CHANGE TILL ALL WIRLESS CARRIERS ARE HELD ACCOUNTABLE!!! THESE ARE BILLION DOLLAR COMPANIES AND THEY ARE NEVER HELD ACCOUNTABLE!!
The problem is these journalist arent covering the entire scam. The victims typically has their email accounts compromised before the sim swap. This isn't just in the cell companies. Think about it. They said about 2000+ Sim swapping victims in the more recent numbers. There are roughly 300 million cell users in the United States alone. Clearly it's something that rarely happens and the victims were compromised far before the sim swapping
Change the 2-factor verification number to your Gvoice or text app number, the scammer will not have access to them
Probably because many of the criminals are the contacts in the wireless companies
I don't doubt the banks are involved.
Amen😎🙏🏾💯
The phone companies should require people to come into the store with 3 pieces of ID to transfer a phone number to a new SIM card.
Dude.....that's racist. You know blacks can't get an i.d.
I have a special pin that is required to activate a new phone
@@FP194 I think the hackers just need your phone number.
Yes, phone carriers should require people to come into store to verify their identity. This could easily be an inside job.
have you seen what kind of people work in the stores? barely high school graduates, I'm sure they can easily be bribed if a criminal organization wants.
The fraud is definitely an inside job. I have worked for AT&t before and I've seen scandalous employees doing Sim swaps without a customer's ID.
No 4 digit code required or do they already know your code? At&t requires a 4 digit code where I am.
I dont think 4 digit code is needed because they produce a new simcard@@firebir11
I hope u reported it.
Can I ask you , can they still do it without the 4 digit PIN code?
A dude at Spectrum took my phone to the back room and I freaked out and told him I wanted him in front of me with it.
You failed to mention that the cell phone providers allow the SIM card swap by NOT insisting on ID before issuing a new SIM card or phone.
Collecting someone's ID? How quaint! Believe it or not fake IDs have been used in every bar, strip joint, etc for the last 50 years. $15/hour clerks are not trained by the FBI or NSA in to spot fake IDs. A high school kid can print you up a new ID in ten minutes. Sheesh!
I agree. And shouldn't there be a big red flag if someone is trying to get a new phone in Utah but lives in Georgia? Hmmm.
My company requires an account password for the phone to get a SIM card. Probably because I called in and added it. Just add an account password that cannot be bypassed. If you forget it sucks😊 but otherwise your account is protected.
@@edwizard62 I moved and had a reason to deal with my provider.
But I went into one of their storefronts.
Can you make eSim by just opting in with sms somewhere? 😂😂😂 Companies doesn’t know security. They care about other stuff..
Seems like the people who are giving them a new phone are in on the scam
Ya think?
that can happen... Who monitors that the person who want the job doesn't have criminal history? who verify them?
I was worried by my dealings with a member of Telstra when I called for support. I put the call on speaker and my husband told me to hang up on her
Agreed. They gave my old phone number to some guy immediately who is still accessing my accounts three years later! And I was getting calls for years because they gave me ,what it appears to be his number!!!😢
correct 👍🏽
Right straight to a lawyer to sue the phone company for not verfying identification.
Tell us how that goes, honey.
these lawsuits last years and years
Secure your SIM with a PIN. There's a tutorial on TH-cam. Then, use a pin to secure your phone account. Finally... Always request a pin for your accounts at the bank. Oh, and make certain your family has a code word in emergencies. That way, AI scam calls won't work.
With most of these companies you agreed to arbitration before their selected judge, when you first got the account. It is in the pages and pages of tiny print you agreed to.
@@chipmunktubetop, he's your honey?
1:42 Why don't the phone companies simply call the cell phone or send a text... or just look at account activity or ask for ID to prove otherwise? Almost feels like the workers at the phone company are in on this. Seems like something that you could disprove rather quickly.
If they call the hacker who now has access to the phone can answer and pretend to be the victim.
Alot of times the workers are in on it.. especially when regarding T-Mobile, they use contractors from third world countries where scammers pay worker 1-2k which is life changing money to them and its game over… nothing will change till the wireless carriers are held responsible!!
Oh and read the fine print in your terms and conditions of your wireless contract, they hide it in there that they are not responsible for any sim swaps/hacks… such a joke they get away with it
@@Concepcion30 BEFORE the phone is replaced...
@@Concepcion30 Lol, what? Why would they call to check ID after giving them a replacement phone? That destroys the notion of checking to begin with.
@@Concepcion30I really hope you're not this stupid in real life.
The carriers are the problem. They dont have safties requirements for a SIM swap like voice ID, which credit card companies have. A requirement for physical ID isnt there either.
Also the phone emlpoyees themselves are the criminals. They get these jobs at phone companies and do the swap for criminal organizations. This is the number one way the swap happens.
The employees are in on the scam.
Voice ID in the era of AI? Takes a few minutes of work involving a voice sample sentence from the target person to make an AI say whatever
Don't use your phone to pay or to bank
@@stefan0ro not presently. Their are inflections given through emotions and physical characteristics that AI can't mimmick.
@@ricardodiez4311 that would be best policy, imo. only problem is, that in these days everything basically forcing you to use online banking via phone everywhere, cash soon won't be even option any more etc. they making more problems than solutions, world is loosing critical thinking and commons sense, from phones, cars, jobs, whatever
2:19 They protected this investigator's identity by showing us his face. There are criminals who specialize in identifying people by their faces. By showing his face, they have blatantly revealed his identity; the opposite of what they said.
He asked that his name not be given. He chose to sit in front of the camera.
@@TheNYgolfer Irrelevant.
My favorite part was where they say, “if you suspect you’re a victim and your phone stops working, call this number…”.
😂.
lol.
Use a different phone. I have two phones with three sims.
@@okaro6595 Thanks, Tuvok!
Obviously use a different phone. DUH! smh
Phone carriers are at obviously at fault ! It's ridiculous they don't check that phone is active or not, you can call it and verify if there is a person or not !
They got folks on inside,
So personal responsibility to make sure you have the proper security set up is not a priority
@@timothydempsey3763the same way they keep finding card skimmers in gas stations, the employees are in on it
You completely fail to understand how this scam works lol. The people who get in touch with your phone company already have your crucial information, so your phone company cannot tell if it's really you or not. And how does checking to see if the phone is active or not make any difference? Stolen phones are used and active just like regular phones. Like the video says, don't go posting your personal information because identity theft comes in many forms, and this is one of them
@@jsncrso ofcourse they do otherwise it wouldn't work. However my point was that to prevent this from happening operator always knows that phone is online since it's connect to the network. So if someone says "i lost my phone" you can see that it's not true.
Something to add, most Major Cell Phone Carriers have an added security measure specifically designed to help prevent "SIM Swapping". It requires extra measures to perform the actions atop any existing measures and can even include your physical presence along with proper identification at one of their store locations. It may take slightly longer, and require a few additional steps when you decide to upgrade your phone, but it's well worth the minor inconvenience for the added protection.
To be even more clean it's mostly not a thing anymore
@@realspinelle1, you mean that SIM-swapping is “not a thing anymore”?
@@realspinelle1WHAT is not a thing anymore?
Or just change the 2-factor verification number to your Gvoice or text app number, the scammer will not have access to them
@@JohnnytNatural WHY won't the "scammer" have access to your Gvoice or text app number. Doesn't he have access to what's in your phone? Or not?
One of the great things about having no money is no one can drain your bank account.
Unless they deposit phony cheques and then withdraw based on those
Banking clearing times will prevent this. @@genericreference6969
Banking clearing times will prevent this. @@genericreference6969
They could open credit cards and put you in further debt... maybe
Not really. In many countries (not sure about US) it's fairly common for identity thieves to apply for a large loan once they've gotten access to your banking app. Failing that, they simply drain your credit card (which is not their first choice, as in most countries the maximum overdraft is usually quite limited). Also there may be other limitations, such as capped transaction sum or max daily withdrawal.
But even this is not the worst part. In some countries, identity thieves can even sell your property (apartment or home) right under your butt using your stolen identity and the system of electronic public services. The total cost of the whole fraudulent operation is just a few thousand dollars at most, there's essentially zero risk of getting caught, and the victim has no possible way to recover their property (assuming the thieves quickly resold it multiple times through front men)
Please note that this also applies to eSIM. This video is exaggerating the swim swap issue by showing a physical sim card. Hackers are not physically stealing your sim card they are cloning yours remotely.
Good point
There is no cloning, they just get a new one with the same number.
Cell companies should insist on an in-person appearance to swap sim cards to a new phone. Verify the ID of the person. If they can't make an in-person appearance, it's most likely they are not the person who's authorized to change phones.
Nope not true, the nearest place to me where a cell phone store is, is a 45 mile drive each way, I'm supposed to take 3 hours off work to drive there to show ID in person???
I bought a new phone last night on UScellular, they called, and all I had to do was confirm my name and mailing address and that's where they are mailing the new phone.
Provided your phone isn't mis-delivered. In the past 2 years, I'd guess we've had a half dozen of our packages delivered to a neioghbor and we've receive an equal number of neighbor's packages. I'm even getting emails from companies that I've never had any business relationships. Sorry, but I just don't trust delivery on expensive or sensititive equipment.
Normally, when you do any changes to the account they require a secret code or word before they will be able to access your account or make any changes. If you fail to get that code (forgot), they will require only an in person at the store and with your ID.
So that would leave us with only ATT, Tmobile, and Verizon.
Good job, you have made it impossible to ever own a phone.
@@danburch9989Horrible idea!
I don’t understand how mobile phone companies just agree to swap SIM cards to strangers without identification, they should be held accountable
Just typing without actually knowing what you’re talking about 😂
Hey lets outsource customer service to corrupt countries 😂 what can go wrong 😅
Yup, they are doing the needful all over our faces.
This convinces me that a land line is still an important asset. If the company issuing the SIM has to call you on another line, they won't deal with the person who has attempted the scam.
Or you could and should have a second cell phone. Where I live landlines are history. You could not have gotten a new one for ten years, in most of the country it the service is completely canceled.
We got rid of our landline because we were receiving so many calls from scammers. At that time, almost none of them used mobile phones (where I live). We are now starting to get occasional calls to our mobiles.
Still can be attacked by splicing the landline cable
Landlines can equally be affected by this. Instead of calling the company and saying your phone was "lost or stolen" they call the company and say you're moving, or you're switching from landline to cell phone.
This attack actually pre-dates cell phones by several decades. It's just more prevalent now that all our banking is done with codes sent to our phones.
Paypal saved the day. Not the banks that held her money and allowed the assets to be transferred. Not the phone company that reassigned her phone number to the scammer. . Paypal identified the suspicious transaction and aborted it.. Never gonna complain about paypal fees again...
If the phone company became legally liable for the financial losses caused by the sim swap, they would soon start asking for ID.
Plenty of other things to complain about though !
They aren't usually on the side of the buyer, just the seller !
I only pay via PayPal or credit card on phone which is protect never put banking info on phone or computer . I know to much to do that .
@@jgalt5002I sure hope you don't mean you give credit card details over the phone. Nothing is less secure than doing that.
Business bank accounts also have more layers of protection so that's another possibility.
If your sim provider gives your phone number to a scammer without your permission then surely they are liable for any loss if it's used to steal from you?
They are accessories to the crime.
To aggravate all this, the country's largest bank, Bank of America, allows ONLY sim-based 2FA. This makes all their accounts vulnerable to sim swapping attacks. They can overcome this by simply allowing use of authorization apps, but they don't.
Boa is the worst bank they get hacked all the time
There are no federal, state or local laws that require you to do business with BofA. Let the suckers take the risk.
It isn't just BofA. It's pretty much all of the banks and all of the credit unions. The only 2fa that they support is SMS based to your cell phone. If they supported Authorization apps, this will cease to be a problem.
@@SK-hs4fp I know but boa has been caught numerous times doing shady stuff even laundering money. They get hacked all the time and have people info stolen.
I had them for a year within that year I go use my debit card to pay for groceries and it's canceled. I go to the bank and they tell me sorry. We had a security breach yesterday so we canceled a lot of debit cards. No text messages about the card after the 3rd time. I closed my accounts they are also the ones who foreclosure on people homes that are not behind on their mortgage.
The average person can't be trusted with authorization apps. They're not tech savvy enough to know how to responsibly manage a 2fa app. They can easily lose access to it or mess something up during set up. This is why banks don't do it.
What makes this worse is when you call your bank and no one is there to answer.
Hours of operation are 8am-8pm and at 11pm you realize you are being Sim Swapped Scammed.
There should be a law th
where Banks have to have someone answer you call 24-7 With A Security Specialist at hand 24/. Banks are the problem as well.
I agree, and I'll bet banks would say that doing that is too costly, meaning it'll cut into shareholder profits.
Join a credit union, fk the banks
@@novampires223 I think they are worse when it comes to getting you your money back. Drag their feet more? Also some Credit Unions you need to be a member of a work force to join them, at least most credit unions work that way.
That's crazy. I'm in Ireland and my bank's card services are open 24/7.
@@novampires223it’s not like a lot of credit unions are open 24/7 either
Cell providers need to own up and pay up
And some idiots out there think linking their credit cards to their phones is a great idea.
You are NOT responsible for fraudulent charges on any credit cards...
Only one of my cards is hooked to my phone.
It WAS a great idea, for Them!
Don’t put banking info!
@@jgalt5002 And almost never over the phone.
Every time we go out in the world we are vulnerable to so many different levels of assault it’s mesmerizing! From cyber/financial crimes to pathogens to physical / mental!
Today I took the Pink Line to downtown Chicago. I made it back home alive.
You're so right, Adam! It's scary, specially for older people.
It's bizarre that the more technology advances, the more vulnerable we are. "Identity theft" wasn't even a phrase a few decades ago. The "convenience" of using your credit card online or over the phone has made it commonplace. Nowadays you even have to worry that somebody has hijacked the title to your house. And there are scanners that can read the magnetic strip on your credit card while it's in your pocket. How are ordinary people supposed to be "vigilant" enough to keep up with all the latest electronic scams?
Closing such security holes should be completely the banks' responsibility. If that means getting rid of some convenient options, so be it. I don't want to have to worry every day about the latest innovation in stealing my money electronically, and hope that the news show will tell me about it before it happens. That's the main reason for having your money in a bank instead of under your mattress, to have a safe secure place to keep it.
The problem is clearly in the hands of the phone company they are the ones giving the sim cards to the criminals
I think the criminal is at fault.
What if the employe is a scammer ?
Right it’s not your fault, it’s not your banks fault the people actually holding your money by the way, it’s your cell phone company’s fault 🤣🤣🤣 please take some responsibility
Should be a capital crime.
literally
Only when it happens to politicians. The government doesn't care about anyone else.
That’s why many cell companies are doing away with physical sims. When they get caused they should suffer a severe punishment. Many people work hard for their money and they could end up on the streets.
That isnt the real issue, most of the apps on your phone are spies, and if you have simple online accounts the phones constantly trying to log you in, why>? Because your phones constantly trying to authenticate whos using the phone and ratting you out.
@@user-iy1vo2jf2q people need to do away with unnecessary apps. Apple allows you to uninstall almost every app. Android won’t let you uninstall things like Google.
Scam works the same regardless if it's a physical SIM card or eSIM. Scam with eSIM actually could be done easier as it does not require scammer's presence at the shop or physically shipping a new sim card. Transfer can be done remotely.
@@woopsserg How could that be easier than swapping sims?
@@ofcourseimfullofit Swap can be done either way between SIM/eSIM. With eSIM it can be done completely remotely, no need to collect/ship physical card. With eSIM it's possible to steal US phone number while being say in India with no accomplices in US whatsoever.
This is why I do NOTHING on my phone. Text and phone calls mostly.
No bank info
No email
No social media (at all - anywhere)
Well, you’re Amish then
Nope. Just smart.@@MysteryMan404
You're doing it right. Same. Won't do any banking on phone.
SIM swap has nothing to do with hacking your phone though. It's about stealing your phone number and using it for nefarious purposes. What was said at 1:55 is absolute nonsense.
This is social media dear😅
Never heard of SIM swapping, until now.
If you have Verizon you can put a lock on your phone number. You can set up Number Lock for free to protect your mobile number from an unauthorized move. That number can't be moved to another line or carrier unless you remove the lock.
Thank you.
Is that what the lock is for?? My new phone has that, but I thought it was about me having to log on every time I picked it up.
Would that help to prevent swapping on the same Carrier?
Do other carriers offer this?
Experts do not recommend two-factor authentication using a sim card. Every single one of them will tell you to not use a SIM card to use some other form of 2FA.
And yet not a single bank will allow anything other than SMS based 2FA, and as the end user you don't get to choose the 2FA method, the bank does. So what can you actually do in the REAL world?
I worked in IT for 40 yrs in almost every aspect i.e. IT Service Delivery mgr, Infrastructure Project manager, Incident Manager, Major Incident Manager, IT Work Group Manager, Cyber Security Incident Manager, Infrastructure Release Manager, Etc, Etc, Etc. What I find truly crazy is that we see hack stories everyday of Federal/State/Local government, private industry, and individuals and yet people want to go to a digital currency system. I'm here to tell you there is ZERO possibility to keep that system secure end to end and I don't care what any talking head tells you. People are in for a rude awakening under the coming system if they let it happen.
Cell phone provider personnel are complicit, they’re the one giving info to thieves.
Naaah. Just the sim card. 😅
Last year someone used my card information to order an item on the Walmart website the same time I was browsing the same site! The product was delivered to Katy, North Carolina. And, guess what?
I never even left Walmart an address and I live in Texas!🤯My card company did an investigation because I requested it. And, I did not get my money back! So, I contacted the North Carolina Bureau of Investigation via email.
Now, it looks like I am going to have to spend extra money and hire a private investigator to get whomever responsible prosecuted.💔🤦🏾
Sorry about that but there’s not any Katy NC. I think you got the town name wrong.
Why wouldn't they give you your money back? That part doesn't make sense especially since you have a different address then the purchase
And why would you call a bureau of investigation instead of the "Katy" police to file a local police report... It sounds like you have the address of where the item was shipped, should be pretty easy for them to follow up.... right?
And how are we supposed to guess that you didn't leave walmart an address... What does that mean?
@@SteveinSanFrancisco Poor investigating. I never left an address, because what I bought was supposed to be picked up by my kid. I thought that the whole situation was totally weird, because what I bought was delivered to an address in Katy, North Carolina.
Easy remedy is to require the owner of the phone to appear in person with multiple identifications for replacing sim cards. Require the card on file as well.
Our bank will only make changes in our accounts in person. A little more trouble but we sleep well. Also, no banking or social media apps.
I'm pretty sure no changes are made. The access is via your current bank information
@@kafklatsch3198 She said "no banking or social media apps."
That ridiculous. In Venezuela, for example, cell phone companies register all your data, even your fingerprints, when you buy a new line. If someone goes to a cell phone company and claims to be the owner of some phone number, they will check that just by entering the ID card number, and they will know if that person has that phone number assigned or not. You have to present your physical ID card with your picture and everything.
The sad and aggravating part is that when the hackers are caught they get light sentence even though they cause mystery and lost of large amounts of money. Judges need to understand the vast chaos and also people losing their a large sum of money.
So how do hackers get into people's phone? That would have been helpful and also what banks are doing to protect their customers. Why would any person or business want to have a bank who doesn't values their customers and have more authentications and verifications for their customers and even notice unusual and suspicious activity going on accounts and cell phones, too.
What's more important, have some inconveniences in going to the bank and/or cell phone store or having your phone hacked and money drained from your accounts? Also have more than one verification that has to be verbal to access your accounts or in person.
"Misery and loss", not mystery and lost.
The onus is on the phone company for believing this crap then. Don’t they check the identity of the claimant before issuing another phone?
No, they figure someone paying $500 or whatever for a new phone is good
I'm laughing at those phone graphics.They show command line interfaces like DOS on a 6 inch screen. The font size for three of those on one screen would be microscopic. Red screen with "CYBER ATTACK" LOL
Yeah... overly dramatic.
When complained to police or FBI they said they have more important crimes. Scamming is low priority!
The court needs to find the cell phone companies liable for this, then they will ensure that their security is better and stop sending phones to random people who call.
In europe you have a bank app and verifications are sent to the app so it is independent from the phone number.
The technology is in the dark ages from the banks so they should be liable for losses.
They can't drain your bank account if you don't bank online. Convenience has security risks
They can't do it in ay country that has any security on online banking. You never should get access to a bank account with just a phone number. Here you need three other pieces of information.
They actually can. If they have enough information to convince the cell company that they are you, they probably also have enough to convince the bank of the same.
Why isn't the cellphone company responsible for the costs since they are the one responsible for handing over your account without verification?
I know some companies are putting Sim blocks on accounts now(requested by owner). You have to physically come to a store and prove you are the owner of the account.
The carriers aren't checking who is buying a replacement phone. Those carriers should share security camera footage.
@@shawnarguinsr.6545 I think the problem will get worse!
Criminals don't buy their burner phones at stores. They buy them online with a prepaid credit card.
@shawnarguinsr.6545 ... It's done in store in person.. the sim card is physically placed in the newly replaced phone...
@@JoeBLOWFHB..@shawnarguinsr.6545 ... It's done in store in person.. the sim card is physically placed in the newly replaced phone... not over the net... time is critical and the thief can't wait for a mailed sim card..
This is about SIM cards, nothing to do with getting a phone.
This “Story” has a lot of information. Precious little, however, on how to protect yourself. This piece is essentially click-bait.
4:09 listen again
@sadtiger2022 I did. Which is why I wrote, “Click-Bait.” I could very well have written “Bravo Sierra,” but you get the point.
All phone companies should be held responsible for this..
That's the best thing with Australia we have strict telecommunication standards that require you to go into the store and show your physical ID card we don't even have burner phones you have to have a physical form of id for post pay it can happen with pre-paid
I’m pretty old school, heck I still do my taxes the old way, on paper, and not electronically. So I always thought that doing financial transactions thru a cell phone app was a bad idea. I only use my PC that is wired to the internet, no wi-if, to do important banking and brokerage interactions.
When you dance with the d3vil, you can get burnt to a crisp.
I have 2 left feet and no sense of rhythm, and old school tendencies, much like you.
I only have a phone because of my wife. She can cook and clean but can't let me go anywhere without the phone but I even left the country the other day without it.
so you only do important things on the net like banking, brokerage, and .... shitposting on youtube. lol. and perhaps some snooping around on x sites.
@@JustMe-vz3wd it’s not about the net, it’s about the device you’re using. Obviously you missed the point.
Set up email alerts on all your accounts so if people go to make changes you are alerted.
How do the scammers know what bank accounts you have? When the SIM is swapped the only info they have is your phone number. They don't get any account numbers except your phone account number. The only way they would be able to access your bank accounts would be to have access to your phone (in your hand) or they would have to know you and know things about you.
Considering how targeted this scam is, my assumption is it starts with a data breach. The criminals already have the data for identity theft, but can’t get past the 2FA. So, they either have to trick you or trick the cell service provider into giving them access.
@@randomstuff-qu7sh It could be previous data breach but not necessary at all. They can get your social security number from say previously stolen credit agency databases. Then they may know your email and user names (or figure them out later) as it's generally not a secret information. Then they can use your number to "restore" your email/google account password. Use that for "restoring" other passwords, changing associated emails. Use social engineering to get more access through human support. And so on.
Aren’t the carriers copying all the old SIM info onto the new fake SIM. All your apps and passwords go to the scammer.
@@firstlast-gn5bo Carrier does not have access to any data on your phone. SIM card just grants your phone access to their cellular network. Once new SIM card is activated, old SIM just stops being accepted by their network.
@@firstlast-gn5bono because it's a fresh new Sim. YOU need your original Sim to transfer to the new one.
Just over a week ago, a dude from Tennessee stole my SIM card package! Here I am in Texas and dude stole it in Tennessee?!🤯 I found this out through tracking my package.
So, I filed fraud through the UPS site.
The Phone companies and banks should be held liable for not doing proper identity checks.
There's two sides to this. First, there needs to be better identification on the part of the phone companies in order to give out a new SIM card. Also they need to root out malicious individuals, people with connections to hackers, inside men, and people likely to accept bribes, from the company.
Second, banks are the last major industry on Earth that do not allow other 2FA methods like TOTP apps or hardware security keys, which are WAY more secure than SMS text messages.
The biggest problem here is the banks. In the UK it’s impossible to access a bank account with just a phone number. The bank would make you provide at least 2 forms of ID matching what they have on file before they would even talk to you about changing access to your account. What’s the deal with US banks?
Wait, so you mean I don't have to worry about this since I am in the UK?
That's not how this scam works. It's done through the phone companies and using phone authentication to get into people's accounts, likely the scammers already have a lot of their identity/information such as passwords and just need this last step. The bank's responsibility is to stop people's accounts from getting drained. If someone tries to do a transfer of tens of thousands of dollars out, shouldn't the bank put a stop to that and get confirmation from the account owner?
@@razerx100 Nope, it has happened in the UK. The commenter doesn't understand how this works.
Is this a US thing? In UK the phone company doesn't just give you a new phone just because you say you have lost the current one. You should contact the insurance company, if the phone is insured. And then, the phone and sim would not be any good for scamming if you do not know the log in details and passwords. And even if you manage somehow to activate a phone to the stolen ID, the banks in UK make is so unbelievably strict to access their apps from a new phone that you would need a various complex security checks to get through, and if you enter only one of them wrong just once, they freak out and lock you out for further security checks. And I have failed many times with my own information when I moved to a new device.
Who is stupid enough to pay every month for insurance on a $350 phone??? they tried that with me on the new one I bought yesterday, like I'm going to pay $14.99 or whatever it was a month to insure a $350 phone LOL! If it was a $20,000 phone then yes, it's worth it, NOT for a $350 phone. Ive never lost or broken a phone in my life, I keep them in a hard CASE and make sure I never drop it, my 3 year old Android doesnt even have a scratch on the screen.
Americans generally associate the phone and the SIM tightly. The idea is to get a new SIM. You can then use it in any phone. Mayne they also give a phone but they will bill the victim for it unless paid with cash.
@@HobbyOrganist In some countries you can include your phone in your home contents insurance as a 'portable' device, and most mid- to high-end phones like iPhones & Samsung flip phones cost much more than $350 so it can be worthwhile to get them covered in some cases.
What's wrong with disabling online transactions until it's needed.
Without the app and authority there's no changeing that block.
I've never had my bank app on my phone. It's so dadangerous. As a matter of fact the older I get the less apps I have on my phone
Sim jacking has been around longer. It was even used in several tv dramas like CSI Cyber, which also covered rogue charging stations in 2014 that also steal your data.
It's been going on for decades. In fact it pre-dates SIM cards, and even cell phones. The real name for the class of attack is "social engineering". In short, it's convincing someone that you're allowed to do whatever you're trying to do when you shouldn't be.
Before cell phones it was used to take control of phone numbers and move them to other locations, usually targeting places that would accept payments so that people would phone the scammers and give them their credit card details. It is also still used to call banks and convince them that they are the legitimate account holder and just forgot the password. The reason SIM cards are now targetted more than individual financial institutions is that one SIM card swap can net you access to multiple bank accounts, whereas if you target the bank itself you only get individual accounts. Also banks usually have (albeit only slightly) higher security than phone companies.
Take ALL YOUR BANK APPS OFF YOUR PHONE! Just do your transactions from home on your tablet or computer
That’s a great tip 👍🏼
No. Just stay logged off those accounts. Simple
I love how clueless these people are reporting this story. Banks are the worst at providing security measures. Most of them do not allow two-factor authentication using a hardware token or token app, and even the ones that do often have the ability to bypass these security mechanisms, thereby defeating their security.
I know of a bank that only allows pure numeric passwords of exactly 4 digits. only allows SMS 2FA, and allows you to bypass it by answering "security questions" like "what's your mother's maiden name?"... I'm pretty sure my fridge is far more secure than that bank.
Lets be honest half the problem is how people have been convinced to give more and more power to their Cell phone. A phone which as the news article mentioned is always on them. A prime target for thieves and muggers. Or just you lose it leaving it on a table. Any one working in the food industry knows dozens of phones a week are often left in restaurants.
That people have vital things like their bank accounts, contact numbers etc all on said phone is kind of a security joke. It's like walking around with the Pin tapped to your debit card. Many times all you have to do is unlock the phone, which is often easily cracked. This Sim swapping just makes it even easier.
Another big thing you should do is set a SIM PIN on your phone SIM Card. This allows the SIM card to be locked down unless you have the PIN to unlock it. It's a deterrence against SIM swappers.
Thank you! Went through all the comments above, until yours. I just did mine. Hopefully more readers read your valuable comments.
No, it will not. That PIN protects the SIM you have. When he gets the new SIM he is of course given the PIN it has. Often it is 1234. It seems people do not have any clue on what SIM swapping means. Nothing you do to your phone can protect you in anyway as it does not involve using your phone.
@@okaro6595 you are right about this.
Change my mind ; Cellphone carriers are 💯 complicit on this. There is absolutely ZERO reason there is not layers of security when a SIM swap is requested like an auto SMS sending to current device with a 24hr delay (even 1hr would likely save 95% fraudulent sim swap requests).
Wait until digital currency kicks off. Watch as the numbers in your bank account go to zero and the banks don't know why.
Using BOTH parts of the 2-factor identifications on the same device (your phone), being a safety issue... What a shock! (sarcasm intended).
Seriously though, the reason why this can even happen in the first place, is lazy safety-procedures and "FALSE" two-factor authentication giving false sense of security.
For a two-factor authentication to be ACTUALLY working reliably, the two parts needs to be on two SEPERATE physical units.
In India you have to show a police report that you have lost your old phone to get the same number reassigned to you. 😂😂
Scammer: I lost my Sim card and need another one 🥸
Call Rep: Sure thing. We'll just need you to answer the five security questions you have on file. 💁♀️
Scammer: 👀
PROBLEM SOLVED. How hard was that?
I recently had my phone " brick" enroute to Christmas holidays. I inadvertently put it in an unusual pocket in my rollaboard. Next day, i went to my wireless provider to get a new sim card, and put it in an old phone we had with us. The process took almost all day, wirh layers of authentication! Now I know why...ironically, the next day, I found the dead phone and was able to get a battety replacement. I will be extremely careful with the " extra" sim card!
A similar situation, happened to me, I gave my cellphone to this cellphone kiosk, in the mall, because It had split or crack the glass, so I went get it repaired, not knowing this guy, swapped the sims card, I was unable to call my friend, my phone had weird static sound, when put on speaker, you barely could hear the person on the phone. Yes, so be careful, and be vigilant guys.
that's not what sim swapping does. That's just a shitty work to replace the glass.
@@n3tw0rk_n3k0 No when I went back to the guy, he took sims card out, for what reason, I'm not sure, my phone, was never the same afterwards.
This happened a few years ago and my carrier was not successful in getting the control of the phone back to me. Luckily I never lost anything however what I ended up doing was resetting my network settings etc. This restored control of my phone to my physical sim card. So something to try if you notice something is up (I had lost cell service and couldn't get it back) is to immediately reset the network settings.
Thanks, good to know.
That makes no sense at all, your sim in a way is your id, if they issue a new sim card then the previous one is invalid, well if it worked it worked
Most of this video is bs so yeah
Why does your graphic at 0:56 show a Micro SD card instead of a SIM card?
I had a rootkit installed on my phone by employee(s) from a Big Three US phone carrier. I would not be surprised if a lot of "SIM swapping' is done by insiders working for the Big Three phone carriers.
I literally don't understand how they can drain any bank account. Thru a banking app? I don't keep any banking app on my phone. I don't save any passwords either.
It's the people who stay logged into their bank account for convenience.
@@chuckh4077 Oh, thank you! It's funny how this article wasn't that clear about that factor. So do I have this right, someone can get your phone #, and then call any cell phone company and do a port request? Then they have access to your android or apple and subsequently then have access to your contacts and apps, once the phone company ports your number in, and all your stuff populates on their device? Then your phone goes black? Is that about right? If that's correct, this is insane. Cell phone companies need to do MUCH more authentication instead of just a simple port request.
I dont understand why anyone would keep more than $5 in a checking acct beyond what they need to cover, serious money like that $200,000 the woman claimed she lost- should be securely tied up in investments, even a stock brokerage like Schwab requires 3 business days to transfer money etc out.
@@HobbyOrganist ikr???? So much about this doesn't make sense at all ... are people just not thinking??
@@HobbyOrganist
Maybe she just got her inheritance money or sold a house, who knows? But I do agree with you that having 200k sitting losing value at a bank and in risk of theft is not a good idea, she should be investing that money, and growing it to keep up with inflation and to increase wealth.
Which is clearly why you should never have truly sensitive information on your cell phone
Don't put your credit card number or banking information on your cell phone Or your debit card and they won't be able to get that information.
Ciminals don't need access to your phone. They don't even need to be on the same contenent as the legitimate phone owner. All they need is the phone number and the horse has left the barn. It's lax security associated with this new technology that has opened the door to massive theft of bank account funds.
That's is the truth about people asking for paid by phone at cashier checkouts instead of using normal credit card or debit card. Happens when people pulled their sim card out of old phone before sold old phone still have bank info on it. People used paid by phone makes them look didn't pay for the item at checkouts. Best way use card the old way.
Sorry. But, using the physical card isn’t any safer these days. The credit card skimmer is even more prevalent. That’s why people switched to digital wallets. The only “safer way” is to go back to using cash.
Or use shielded wallets as I do. My banking information resides in my head. They would have to cut off my head. 😁
@@maylani3697 At least credit cards are protected against fraud. Debit cards and cash are not protected. The problem is so many people are sharing their information on social media and banking/shopping with their phones. You have no privacy when you put all your information on your phone and you are asking for a problem.
Does this primarily effect people who have their banking APPs / information on their cell phones?!?
Most of this video is wrong sooo
They can't take anything, they'll only have access to any 2FA tied to your phone number, so unless they already know a lot of other things nobody will care about doing a sim swap on you
Maybe they'll get access to your contacts if they are saved
It has nothing to do with that. All they get is your phone number, but with that, they can change passwords.
That was exactly what happened to me about 4 months ago and it's a nightmare. This is so unfair how the banks and credit cards have no idea how to protect us. I'm telling you if contact your bank and credit from the same phone you are risking them to get further information. Going directly to the bank is safer
The first part of this story is unsettling , but the second part 5:39 is antiquated... I can't believe anybody would fall for that second scam anymore
But don’t they still need your bank account password, to even get to the 2 factor part of the log in process?
In Greece you must go to a store in person to have a SIM reissued, and the shop asks for National ID card or passport. Still SIM swapping happens, so I am convinced that the scammer rings have agents in the mobile phone providers.
In the USA the states are way larger than Greece, there are a myriad of small and very small towns that don't have physical stores in there, so the people would have to travel huge distances to get there.
In India getting a new sim card or replacing one isn't easy at all. The carriers ask for identity proof etc. before they issue one.
Don't do social media period!
Which phone companies are doing more to protect us? Does AT&T, Verizon, or T-Mobile require you to physically go in to do a SIM swap? We should all be leaving any company that just allows this over the phone or with minimal safeguards. This is outrageous and phone companies need to be held accountable for each occurrence they allow to happen.
I keep a second phone and do not publish that number. If I even suspect something dodgy is going on I ring my bank and report my card lost. Very few people know the second number, so it gives a way for the bank to check / send codes / independently of my main number and it regularly gets used this way.
Also if somebody rings or contacts me in any way to ask questions, I always answer that I do not have to answer their questions, nor confirm my identity. If they ask to access my bank account I reply sweetly that of course I can access my bank account, but it will be on a separate phone and computer, and they will not see any of it... 😊😂
Твой номер можно запросто подделать, допустим ты миллионер и тебя много денег, кто-то узнал об этом, найдутся профи, они начнут изучать тебя, твой маршрут, когда ты выходишь на дорогу, примерное время на работе и на дому. Ищут слабые места, каким телефоном пользуешься, тебе позвонят, а как они это сделают? Социальная инженерия, тебя попросят дать телефон чтобы позвонить на минутку и всё. Если ничего не поможет с походом в центр замены сим карты у оператора, они пойдут на более изощрённый метод, все фишки хороши для них. Один незнакомец будет ходить за тобой не очень близко и не очень далеко, у него в руках может быть маленький портфель типа дипломата, внутри него ноутбук, к ноутбуку подключен дешифратор с мощной антенной, он заставляет переключить твой сигнал телефона на их частоту, таким образом телефон будет думать что подключился к базовой станции, но на самом деле - это нелегитимная базовая станция. Таким образом они могут перехватить все звонки и сообщения, в том числе пароль от двухфакторной аутентификации, так как мошенники знают твой номер, они инициируют звонок от банка, чтобы заставить тебя зайти на твой аккаунт через интернет, ты заходишь на свой аккаунт, тебе приходит СМС код и всё, злоумышленники получили доступ к твоему счету. Поэтому никогда не пользуйся двухфакторной аутентификации для банковских операций это небезопасно.
Not sure I understand. So they transfer your phone number to their phone and therefore they have access to the codes sent for 2FA. However, your apps and passwords are not in the SIM card, they are in your Apple ID. So, how would they get access to your bank accounts if they don’t have your usernames and passwords?
@@Albdean Thanks so much for clarifying!
The scammers already got your banking info, this is the last step to get your phone number onto their phone. so, they can change your bank login passwords through 2FA...
@4:05 - 4:40 steps to thwart scam…. don’t over share info; contact phone company &create code word to authenticate sim swap (NOT your password).
@2:10 "Investigator asked us not to name him, to protect his identity", so we decided to show him talking with us, to help scammers identify him.
That is nuts! I want to know how they choose their targets or if they just pick any random number?
😮
They choose targets by those who easily fall prey to answering their calls/text. Caller information can be easily spoofed, making it look like they're calling from a company.
Don't banks in America require log in passwords? If you have acces to a phone you do not automatically hace acces to bank accounts. I'm confused.
They seem to have very poor security. In Finland you need a customer number, a PIN, a single use code and a code sent to your phone.
Cell phone companies should be held accountable!!!
I don’t get how they empty your bank account. When I want to transfer money, I need my debit card and a little device to put the card in. There is a chip on the card. First I have to give my PIN number. And then the bank sent me a number. I give the number to the device, that gives back another number. That I give back to the bank. And only then the money is transferred.
Without the card no access.
How can you call your phone company if your phone stops working?
They've hacked the email before the sim swapping happens
Scammer Payback and Jim Browning would be pleased to see this video exists
It's almost always an inside job at cell phone companies. It also happens with eSIMs. It is not just physical SIM cards.
Wait? Nothing is stored on my sim. All my contacts, passwords etc is on my phone.
How can they access my bank account when they dont even have my username or password or security questions?
I read on another YT channel that the person prolly accessed certain accounts via her phone number. The cell phone number that they had somehow. I did not believe that was possible. I thought passwords needed to be strong with symbols, numbers, letters, etc.
@@annheatherton there's something not being mentioned. She probably gave out some info and the attackers used that in addition to the aim swap
She probed opened a scam email and hit the link which is all they need. Once they have that access…….
Never open emails supposedly from your banks and such unless you initiate the contact.
I get them all the time except most of mine go straight to my junk mail. Always check addresses of emails before opening. Small ways to tell if they are legit or not!